Prisma Cloud Known Issues
Table of Contents
Prisma Cloud Enterprise Edition
Expand all | Collapse all
-
-
- Features Introduced in September 2023
- Features Introduced in August 2023
- Features Introduced in July 2023
- Features Introduced in June 2023
- Features Introduced in May 2023
- Features Introduced in April 2023
- Features Introduced in March 2023
- Features Introduced in February 2023
- Features Introduced in January 2023
-
- Features Introduced in December 2022
- Features Introduced in November 2022
- Features Introduced in October 2022
- Features Introduced in September 2022
- Features Introduced in August 2022
- Features Introduced in July 2022
- Features Introduced in June 2022
- Features Introduced in May 2022
- Features Introduced in April 2022
- Features Introduced in March 2022
- Features Introduced in February 2022
- Features Introduced in January 2022
- Limited GA Features on Prisma Cloud
- Look Ahead—Planned Updates on Prisma Cloud
- Prisma Cloud Known Issues
-
-
- Features Introduced in September 2023
- Features Introduced in August 2023
- Features Introduced in July 2023
- Features Introduced in June 2023
- Features Introduced in May 2023
- Features Introduced in April 2023
- Features Introduced in March 2023
- Features Introduced in February 2023
- Features Introduced in January 2023
- Features Introduced in December 2022
- Features Introduced in November 2022
- Features Introduced in September 2022
- Features Introduced in July 2022
- Features Introduced in June 2022
- Features Introduced in March 2022
- Features Introduced in February 2022
- Look Ahead — Planned Updates on Prisma Cloud Compute
- Prisma Cloud Compute Known Issues
-
-
- Features Introduced in September 2023
- Features Introduced in August 2023
- Features Introduced in July 2023
- Features Introduced in June 2023
- Features Introduced in May 2023
- Features Introduced in April 2023
- Features Introduced in March 2023
- Features Introduced in February 2023
- Features Introduced in January 2023
-
- Features Introduced in December 2022
- Features Introduced in September 2022
- Features Introduced in August 2022
- Features Introduced in July 2022
- Features Introduced in June 2022
- Features Introduced in May 2022
- Features Introduced in April 2022
- Features Introduced in March 2022
- Features Introduced in January 2022
- Look Ahead—Planned Updates on Prisma Cloud Application Security
-
Prisma Cloud Known Issues
Review the list of known issues and deprecation notice on Prisma Cloud.
The following table lists the known issues on Prisma Cloud for the CSPM capabilities. For deprecation notices or upcoming changes, see Look Ahead - Planned Updates on Prisma Cloud. If you have also adopted the Compute and Microsegmentation capabilities, review the respective sections in the Release Notes.
ISSUE ID | DESCRIPTION |
RLP-104295 | Prisma Cloud has fully adopted Microsoft Authentication Library (MSAL) for monitoring Azure instances. However, in very rare cases, you might come across log entries for calls from Prisma Cloud to Active Directory Authentication Library (ADAL) endpoints. These entries can be disregarded. A fix will be implemented to resolve these erroneous entries. |
RLP-90184 | The behavior of filters on the Alerts Overview page is slightly different from that on the Asset Inventory and Asset Explorer pages. On the Alerts Overview page when you select the Asset Class , Resource Type , and Service Name filters, the alerts displayed are a combination of those three selected filters. Whereas on the Asset Inventory and Asset Explorer pages, the preference is given to Resource Type over Service Name when both those filters are selected due to which the assets for which alerts are displayed on the Asset Inventory and Asset Explorer pages do not match those displayed on the Alerts Overview page. |
RLP-78777 | The AWS Global Accelerator service returns an Access Denied error with the error assumed-role/PrismaCloudReadOnlyRole/redlock is not authorized to perform: iam:CreateServiceLinkedRole on resource. The issue occurs because the aws-global-accelerator-accelerator API requires you to enable the service-linked IAM role to ingest metadata. To resolve the error, add the role to include the required permissions.Workaround : If you do not want to enable the service-linked role, create a support ticket with Palo Alto Networks Technical Support to disable the AWS Global Accelerator service API. |
RLP-73807 | In Unified Asset Inventory, Compute alerts are not displayed in the Resource Explorer audit trail. |
RLP-72605 | The list of alert counts that correspond to a policy are inaccurate when you select more than one alert rule name. This issue is seen on:
|
RLP-75376 | PCDS Azure only— If you have enabled public access from selected IP addresses on storage account with Prisma Cloud NAT IPs and Azure outbound IPs added to the allow list, ingestion fails with 403 error (permission denied). |
RLP-65612 | PCDS Azure only— The Inventory page may display 400 error if data is not available. |
RLP-65602 | PCDS Azure only— During onboarding when you enter the Client ID and Secret , if the Secret exceeds the specified length, a bad request error displays. |
RLP-68751 | In Unified Asset Inventory, only System Administrators can view the Compute assets and not other users. Compute alerts will not be accessible on Alerts pages for all users except System Administrators. |
RLP-65286 | When integrating Prisma Cloud with Jira, if the Jira issueType field uses space as a separator between the words, such as Service Request or New Feature , a 500 Internal Server error occurs while configuring Typeahead fields such as Reporter or Assignee, in a Notification Template. You will be unable to create a Notification Template for Jira with the Typeahead fields.Workaround : Rename the field to remove the space or add an underscore. For example, ServiceRequest or New_Feature . You can then add Typeahead fields in a Notification Template. |
RLP-65216 | If you have configured multiple flow logs for a VPC and if any of the flow logs are incorrectly configured, the flow log status on Prisma Cloud is reported as a warning (Amber). This status does not impact ingestion for all the correctly configured flow logs. |
RLP-62558 | The resource name displayed on the Alerts L2 page does not match the name displayed for the same resource on the Asset Explorer page. |
RLP-60005 | Prisma Cloud may not process some of the delete bucket events, due to which the buckets that you have deleted in the AWS console will be visible in the Prisma Cloud Inventory page. |
RLP-55036 | When changing the Maximum time before access keys expire value for access keys, it may take up to 15 minutes for the updates to take effect. |
RLP-40248 | When you create an alert rule and specify target resource tags, Prisma Cloud processes only a single resource tag key/value pair properly. Proper processing of multiple resource tags or resource tags with multiple values is not guaranteed. This behavior exists whether you create the alert rule through the Prisma Cloud console or through the CSPM API. |
RLP-27427 | Applies to Prisma Cloud Data Security only Malware report is not available in PDF format. |
RLP-25117 | Applies to Prisma Cloud Data Security only
The Dashboard displays an error when you select an account group that does not contain any accounts. |
RLP-19480 | The Business Unit Report does not support multi-byte characters used in languages such as Japanese. |
RLP-19470 | The Business Unit Report csv file lists all enabled policies even when there are no open alerts, because there are no resources to scan. |
RLP-14469 | When you enable Dataflow compression for a cloud account, the subnetwork creation status may display a failure message on the onboarding status page. This error displays because the time threshold to create the subnetwork and report completion exceeds the response time threshold on Prisma Cloud. Workaround— Click to the previous page and click next to load the status page again. |
RLP-13485 | If you have the maximum number of VPCs (5) already created in the project and you then enable flowlog compression, the onboarding fails because Prisma Cloud is unable to add the network needed to enable Dataflow compression. When this happens the remediation steps in the message that displays is incorrect. |
RLP-9723 | The integration status check for Jira displays as yellow instead of red even if the integration is misconfigured. |
— | Dashboard widgets don’t load for a large data set where the time window is also large. |
— | The aws-ecs-describe-task-definition and aws-emr-describe-cluster APIs now run once every 24 hours to generate alerts. If you have cloud accounts with a significant amount of ECS/EMR resources, the resource status is updated once a day. |
— | The configuration build policies are displayed even if you have not enabled Code Security module. |
— | Currently when you edit default policies in the Code Security module, the policy is duplicated with the updated metadata. Both the unedited policy and the edited policy are then visible on Projects when the Status- Suppressed (for the original policy) and Errors (for the edited policy) are enabled. |
— | AWS CloudTrail in the Osaka region (ap-northeast-3) do not display on the Prisma Cloud administrative console. This issue requires a fix on AWS. When fixed on AWS, the issue will be automatically resolved on Prisma Cloud. |